Disclaimer

NeCoders shall not be held responsible for any cases of software/files being hacked due to the information provided in this article.

General Overview

Welcome back to part 3 of the Building Security Awareness in .Net Assemblies series. In this article, I will share with you the possibility of breaking Strong Named .Net Assemblies. Make sure you have already read through part 1 and 2 before continuing on.

Questions pertaining to Strong Name

I do believe many others have the same doubts as I do on whether Strong Name keys could really protect the assembly from being tampered. I would like to share my doubts with you in this article.

Questions:

Question : Is Strong Name key secure?

Answer : Yes, Strong Name key uses RSA 1024 bit encryption.

Question : Is Strong Name key breakable?

Answer : If you have enough computing power, time and knowledge on how to break RSA, the answer is yes.

Question : Can Strong Name key be removed from .NET assemblies?

Answer : Yes, it can be removed very easily if you know how.

The Demonstration Test machine specifications :

Windows XP Professional Edition SP 1 1

Intel Pentium 4 2.6GHz

256MB DDR-RAM

Visual Studio .Net 2003 Professional Edition

Microsoft .Net Framework 1.1

Download the executable files that come with this article.

Open your Visual Studio .Net 2003 command prompt.

Make sure you are inside the CrackingIL/bin/debug directory.

Type “ildasm CrackingIL.exe /out=CrackingIL.il”.

You must be wondering, why we are repeating what we had done in part 1 and part 2 of the series. If you notice, the way to break Strong Name keys is by manipulating the Intermediate Language. But the problem is in part 2, we did modify the Intermediate Language and at the end when we tried to convert it back to an assembly, we will receive an error. I will explain in detail on which part of the Intermediate Language that you should modified to remove the Strong Name key.

Open up the CrackingIL.il with a text editor. I use notepad.

Take a look at the red boxes. From what I understand, each assemblies like System.Windows.Forms, System and mscorlib contains their own public key token and version number.

Now, does our assembly contain a public key? The answer is yes. Before showing it to you, I will first show you 2 screenshots; one without Strong Name key and one with Strong Name key attached.

Without Strong Name :

With Strong Name :

You will notice that the difference on both sides is that the Strong Name key assembly contains a public key. In order to tamper a Strong Named .Net Assembly, just remove that highlighted section. It will look like this.

Now do some modifications to the existing Intermediate Language. You have to remove the registry checking so it will not prompt you for serial number or license. Look for this code.

Then remove the lines of code from IL_0000 to IL_0075. You should have an output like this.

Now just edit some text to prove that you have hijacked that Strong Named key .Net Assembly. Find the code with the phrase “Welcome to NeCoders” and replace it to “You are being hijacked, Strong Names are useless here”.

Congratulations! You had managed to manipulate .Net assemblies with Strong Name key attached to it.

Conclusion

Again, I hope you find this series of the article to be interesting. There will be more articles under this series, in terms of breaking and securing the .Net assemblies. Do check out article 4 when it is available as it will explaining the many theories in .NET security. This in return should provide you with a better understanding in this topic.

References

None

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

Your articles are very enjoyable and I look forward to reading more. One question comes into my mind is, since you can remove the public key of the assembly, do you think you can replace that public key with another public key?

at first my reaction was - ok. SN is not to be meant for..., but then what if someone changed both, the dll, AND the exe which used it and removed the SN references from both. Then the exe would gladly use the unsigned assebmly/dll. Which still might mean, that (provided the admins do their work) at system-level/by policy, then unsigned assemblies will now not have as many OS-rights as they did have.

I don't find anythink better like use dotfuscator, but dotfuscator not realy protect application or assembly, so the one way is maybe possible do more secure to hide inside assembly or application code, the way is use small like VSTA engine inside and encript needed parts of code with unmanaged C++

I was, prior to this, pretty confident that we could use a non-obscure licensing scheme safe in the knowledge that our interdependant assemblies could not be compromised easily, however this seems to be completely untrue in light of what you published here.

There is obfuscation of course, but it must be turned off for the bits that use reflection and our business apps rely heavily on reflection in the business object framework we are using so it's looking increasingly like were going to have trouble with the licensing however we go about it.

Hopefully you have some tricks up your sleeve?

Thanks again for the informative article, there is too little on this subject out there.

Strong names are not intended to prevent modification of the code at all. They are intended as a means of verifying that the assembly does indeed come from said source. If you want to modify an assembly and have programs that reference it continue to run, that's easy too, just modify the programs in the same manner as well.

What strong names DO prevent is outright spoofing. For instance, if a machine's code access security is set to allow code from company X (say that's your employer's company and this is the internal network) to do anything it wants while all other code is sandboxed, it makes it impossible (unless, as you say, you happen to have obscene amounts of processing power and can break the key) for a hacker (or virus, etc) to change company X's code to do something harmful. As soon as they change the code, they break the strong name and CAS refuses to give the assembly full access to the system.

The only way to really hack a strongly named assembly is to have the private key available (or, again, lots of computer power to break the encryption) so that the altered version can be resigned and have the same public key.

I think that you did some great work back there Chua!!! Carry on with it and hope you come up with another article soon.
The simplicity makes for such nice understanding that it is quite amazing.
Also please do keep on writing them like tihs. It is much better to read up on your opinions as they are changing. Too often understanding doesn't come because we do not understand the history behind it.

Strong names are used to prove who wrote an assembly, and not to protect it. If you modify an assembly, you can't make it look like it was someone else who wrote it. Therefore, when you load any strong name asembly, you can be shure who wrote it. Even after deployment.

Yes, this is correct statement. Microsoft created strong names to prove identity. Also this article makes mistakes in security concept. Strong names are related to .NET security infrastructure which can be partly seen in .NET Configuration wizard in Runtime security.
Here is important to understand security policies and code groups.
When you define your own code group where application will belong according to its strong name then it will get runtime permissions (maybe some higher ones because otherwise it will get the default ones from default code groups according to its origin - there can be other scenarios like when using GAC, third party assemblies etc).

This scenario is similar like when you would create app with strong key and you would leave doors open. Then when you loose your key then you can still pass through the door. But if the door are locked and require a key then when you remove the strong name from app you can't pass (doors = code groups).

So you can throw all your keys out like you can do it just droping them from your pocket. But then you'll not get at home, to your car simply anywhere where authorization is required.

So this article makes no sense.

Some more samples on this topic will come in my freebook on http://www.skilldrive.com/DOTNETinSamplesdoc.zip

You're welcome to contact me. I'm specialized on security topics in Microsoft and we can discuss it (some topics are covered in my ebooks or articles). But thank you for your articles, maybe you could be contacted by some our MS guys to be an MVP

This is incorrect. Strong names are not used to prove publisher identity, thats what Publisher Certificates and signcode is used for. SN is to provide a globally unique name so that it may be stored in the GAC without conflicting with other assemblies that may have the same friendly names. It is not used to protect an assembly from tampering or to prove publisher identity.

Well, it's right that strong names are indeed required to put assemblies in the gac, and the term "strong name" certainly indicates it too. But a strong name does indeed prove the author, given of course that you can somehow verify the public key with which the "publc key token" or fingerprint if you wish. It does prove that the assembly is signed with a certain private key. Thanks for correcting me.

In some sence you can ensure that only the person with the private key can generate an assembly with the same identity. If the calling assembly validates the strong name identity of the assembly this hack will fail. For example the .NET runtime itself will check the strong name evaluate security policies, if this assembly was explicitly granted full trust (assuming it is not granted by default, which by default all assemblies on run from local machine are given full trust) then the hacked assembly will no longer have full trust. This hack essentially only works when strong name identity is not required.

Although SN proves only a person with the private key can modify the assembly without changing its identity (as identity was changed here) it still is not proof of publisher identity. For example if someone aquires the private key we can no longer guarentee a specific person or organization has created it. Authenticode however is different by utilizing a trust network and timestamping services if a private key is ever stolen it is revoked. The timestamp also included in the signed data can gaurentee the assembly was signed before or after the key was stolen. This is not possible with SN which has no trust network. SN was designed for assembly identity. If publisher identity is important use Authenticode, as SN cannot make the same gaurentees.

For more information on the differences in intent see Authenticode and Strong Names see:
http://msdn.microsoft.com/library/en-us/secmod/html/secmod80.asp

Just curious if you could crack the XenoCode obfuscator with control flow obfuscation and the IL breaker turned on. If so, that would be good to know.
Get a XenoCode trial at http://www.xenocode.com to test your assembly and try to crack it. I am not associated with them, just curious as I have their product. Cheers!

According to the cracker forums I sometimes monitor, this obfuscator has not provided sucessful protection. I believe any obfuscator can be defeated. The list of .net development tools protected by professional products, that have been cracked, is huge!

Forget about real protection and focus on basic protection. The best protection is to withold key bits of your binary from all except true purchasers. That is, don't put out a full version that is "protected", but make two builds: one for demos, missing code, and one for purchasers, or serious evalators that you can verify. Remember the crackers are just doing it for fun most of the time. They are not interested in using your product seriously.

I just tought 3 seconds about this, but this example is showing an independant assembly. If an assembly reference a Strong Named assembly and you tamper that referenced assembly, then that tampered assembly can't be referenced. Am I correct?

Yeah, in this article I am only refering to a single independent assembly. But for your 2nd question, I will reserve it for my coming articles. I am really working hard on something cool on the next releases of the articles. Give me some time

Going one step further than that, the hacker could even sign the tampered assembly by his own private key - so potentially fooling the CLR, if the CLR grants trust to an assembly simply if it is signed.
I now more strongly feel that the onus is now on the system administator of the machine(s) to cleverly set trust and evidence based code access security policies for the CLR so that the compromised assemblies fail to execute. This can probably only be achieved if the policy is based on the publisher's identity - be it his public key or his digital certificate.http://dotnetyogi.blogspot.com/[^]

No.
The public key token will be different if you sign the assembly with a different key. So the loader won't be fooled at all.

If an exe loads a library which checks for a registration, and you change the public key token of the library, then the clr won't load the "hacked" dll at all. You'd have to modify all the assemblies that references a hacked one too.

Totally agree. The hacker would have to 'unsign' and sign all the related assemblies. The CAS policies still wouldn't allow running that code if it has been set up to allow only trusted code to run. I have a feeling, in majority of the .Net running environments (especially the small to medium size sites) the code access security policies have not been set up at all. I think, as much as or more than the developers, the idea of .Net security has yet to sink in with the system administrators.

It's great article to read, and you have given a good example of strong name assemblies , but what i know that strong name are used for side by side execution of assemblies which are applicable on Public Assemblies , but any way these were very good articles and hope to get Part IV soon from you

NeCoders shall not be held responsible for any cases of software/files being hacked due to the information provided in this article.

That's like me writing an article "50 Ways To Infiltrate Buildings and Plant Explosives" and including a disclaimer: "RabidKangaroo shall not be held responsible for any buildings that are destroyed due to the information provided in this article."

"Those that say a task is impossible shouldn't interrupt the ones who are doing it." - Chinese Proverb

Sorry, but the author is right. Security through obscurity does not work, and that's why even MS publishes deatiled information about vulnerabilities - knowing about a vulnerability in detail is the only true way of knowing if you're in danger and how you can protect yourself.

RabidKangaroo wrote: That's like me writing an article "50 Ways To Infiltrate Buildings and Plant Explosives" and including a disclaimer: "RabidKangaroo shall not be held responsible for any buildings that are destroyed due to the information provided in this article."
RabidKangaroo never entered a building, right? A world where only hackers know how to break code is a world where no one is safe. Good programmers need to know how to break code. Trying hard to break your own code is the first line of defense against hackers.

Daniel Turini wrote:RabidKangaroo never entered a building, right? A world where only hackers know how to break code is a world where no one is safe. Good programmers need to know how to break code. Trying hard to break your own code is the first line of defense against hackers.

I agree with Daniel. To KNOW to do the attack is the best form of protecting. Writing Secure Code[^] among other very useful things, talks exactly about this...

I don't believe there is enough content to provide a 3 part article. You could probably get good reviews (You already are but it could get better) if you condensed the 3 parts into a single part about Strong Names. Also you need to understand, like others have said, that Strong Naming isn't supposed to protected code from highjacking but to provide the ability to strongly name an aseembly for reference abilities. It also provides some other benefits when it comes to the CAS but that could be another article. The reason the hashing exists is to verify that the assembly is the same as it was before so that when an app loads the assembly it can be sure it has the one it is supposed to. If you remove the strong name then an app that references that assembly won't be able to find it thus defeating the purpose of trying to highjack the assembly.

Great article though. I need to get off my butt and submit the ones I have laying around. Kudos to you.

Thanks for your series of articles, they are well written and easy to understand.
I really don't see the point of strong named assemblies after reading this. I didn't think it would be that easy to crack, but I guess, having clear text IL code will always make it easily breakable.
A previous comment said that Strong Named assemblies are just for more reliable referencing. I really had the impression that it was for security, but you have blown that theory sky high!
Thanks

Being in a minority of one, doesn't make you insaneGeorge OrwellHowever, in my case it does

Don't forget this is very simplistic implementation of using strong names for security. A developer fluent in assembler could just as easily do something similar with compiled win32 code.

Strong names are also used for other reason like assigning privileges on a machine/enterprise based on the strong name or public (see Runtime security policy in .Net configuration, many Microsoft assembly are granted special privileges by their public key). .Restrictions can be applied for access to methods/classes in other systems based on public keys by using codeaccess security. (see StrongNameIdentityPermission).

Although as this article demonstrates Strong names could be compromised, if you employ a complete security model these changes can be detected. I would recommend that you sign all code, even if it is only deployed to desktops within your organisation. Security is not so much as preventing tamper completely, but making mechanisms that allow you to detect tamper and take appropriate action to prevent the system being compromised.

Rather than take the author at this word here suggest you get a good book on .Net security. The author is technically correct, his article is informative, but he has assumed that you are only using strong names for a single purpose which is only part of the .Net security model.

Sorry about the rant but as a consultant I often come into organisations where no security has been applied to .Net code, even on public web servers.

.Net code can be made secure, but like any good security system a compromise has to be expected and dealt with appropriately. To assume that you code/System will never be compromised just means you will never know when it is.